Displaying 5 results from an estimated 5 matches for "mac_mls".
2006 Mar 18
2
IPSEC with MAC/MLS support crack
...CP
server with IPSEC and MAC support, the server
innevitably crack. Because the m_pkthdr of some mbuf
is mangled by unknown reasons.
Following is my kernel configuration:
options MAC
options MAC_DEBUG
options UFS_EXTATTR
options UFS_EXTATTR_AUTOSTART
options MAC_MLS
# uncomment to put sebsd to kernel, but better to
options IPSEC
options IPSEC_ESP
options IPSEC_DEBUG
Following is the kernel dump backtrace:
#0 0xc0668f0b in kdb_enter (msg=0x12 <Address 0x12
out of bounds>) at cpufunc.h:60
#1 0xc06509ab in panic (fmt=0xc08e6470...
2006 May 03
1
MAC policies and shared hosting
Hello,
I've been looking at the different MAC modules available and how they
cold help to implement a less insecure than usual shared hosting web
server.
I've not been able to come up with a suitable configuration, looking
at mac_bsdextended, mac_biba and mac_mls, but I think that a MAC
module with the following policies could be very useful for such an
environment. Have I missed anything? Has something similar been done?
The module would (roughly) work as follows:
Defining security levels in a similar way to mac_mls or mac_biba,
we define a range of...
2003 Sep 03
3
MAC problems
...> ping 192.168.65.100
PING 192.168.65.100 (192.168.65.100): 56 data bytes
ping: sendto: Permission denied
ping: sendto: Permission denied
ping: sendto: Permission denied
^C
--- 192.168.65.100 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
On the other side, when mac_mls is loaded, networking works,
but starting X server fails with message "Couldn't mmap /dev/vga"
(I don't see /dev/vga device regardless of MAC policy loaded)
Is it normal, or is something wrong ?
Is any additional documentation about MAC available, more than
papers at http://www....
2004 Jan 02
1
Questions about MAC
...tpmac mls/low echo "Low" >> file_mls_127.txt
$ setpmac mls/high more file_mls_127.txt
Message
High
128
127
126
Low
All writes above succeeded. Should policy allow command
ran as mls/high and mls/128 to write to a file with mls/127 ?
Does it conform to *-property (no write down) ?
mac_mls(4) says:
"Subjects may not write to objects with a lower classification level
than its own clearance level"
Am I making some obvious mistake ?
Thanks in advance for any help.
Regards,
Jarek
2003 Aug 13
6
5.1-R-p2 crashes on SMP with AMI RAID and Intel 1000/Pro
...UMMYNET
#options BRIDGE
options QUOTA
options _KPOSIX_PRIORITY_SCHEDULING
options P1003_1B_SEMAPHORES
#options MAC
#options MAC_BIBA
#options MAC_BSDEXTENDED
#options MAC_DEBUG
#options MAC_IFOFF
#options MAC_LOMAC
#options MAC_MLS
#options MAC_NONE
#options MAC_PARTITION
#options MAC_SEEOTHERUIDS
#options MAC_TEST
options KBD_INSTALL_CDEV # install a CDEV entry in /dev
device isa
#options AUTO_EOI_1
device pci
device agp
# Floppy drives
device fdc
# SCSI Controllers
device sym...